[jasonkostempski]

This is the wrong angle to take. Plugins are the correct solutions to these problems. A browser should implement the standards. Period. If this breaks a site users want or need, they will go to another browser. If Mozilla wants to fix things, they should be fighting for new standards. Start with a standard that says all third-party content requires a user prompt to enable, always, no whitelist, no blacklist, no way to disable the prompt. Same with all JS hardware API calls. That's how it should have been from the start. Any browser vendor that goes against the standard would be forced to admit they're enabling gapping vulnerabilities.

[unethical_ban]

There is no web standard for ethical tracking. Web standards are rendering video, images and text, processing JavaScript, interpreting CSS, and so on.

[jasonkostempski]

Maybe your right. I looked quickly but didn't find anything. Is there no standard out there stating, for example, that JavaScript MUST NOT be allowed unrestricted access to local storage or that the location API MUST request permission? These are just accepted as obvious best practices?